Here is the Ewido and Hi-Jack this...
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 4:27:44 PM, 8/9/2005
+ Report-Checksum: 4D147BE7
+ Scan result:
HKLM\SOFTWARE\Classes\PROTOCOLS\Name-Space Handler\res -> Spyware.WebSearch : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\Mvu -> Spyware.Delfin : Cleaned with backup
HKLM\SOFTWARE\SecureWin -> Spyware.Adlogix : Cleaned with backup
HKU\S-1-5-21-484763869-2139871995-682003330-1329\Software\Mvu -> Spyware.Delfin : Cleaned with backup
C:\Documents and Settings\jfrisbie\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\jfrisbie\Cookies\[email protected][1].txt -> Spyware.Cookie.Addynamix : Cleaned with backup
C:\Documents and Settings\jfrisbie\Desktop\backups\backup-20050726-102051-830.dll -> Spyware.BookedSpace : Cleaned with backup
C:\Documents and Settings\jfrisbie\Desktop\backups\backup-20050803-112227-856.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\Program Files\Common Files\Uninstall Information\RemoveDisplayUtility.exe -> Spyware.Delfin : Cleaned with backup
C:\WINNT\bnuysvc.exe -> TrojanDropper.Agent.mu : Cleaned with backup
C:\WINNT\Downloaded Program Files\ActiveX.ocx -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\icont.exe -> Spyware.AdURL : Cleaned with backup
C:\WINNT\kcnrlthf.exe -> Spyware.BookedSpace : Cleaned with backup
C:\WINNT\ru.exe -> Spyware.PurityScan : Cleaned with backup
C:\WINNT\system\UpdInst.exe -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\AUNPS2.dll -> Spyware.Hijacker.Generic : Cleaned with backup
C:\WINNT\system32\chyptext.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\eonne.dll -> TrojanDownloader.Qoologic.n : Cleaned with backup
C:\WINNT\system32\gtdef.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\ih41_qc.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\iVshlpr.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\izctl.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\jKvart.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\kjggkha.dll -> TrojanDownloader.Qoologic.n : Cleaned with backup
C:\WINNT\system32\kvdgr1.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\lanbrup.exe -> Spyware.SafeSurfing : Cleaned with backup
C:\WINNT\system32\mhang.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\MJSDM.DLL -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\mlastmib.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\MMSTKPRP.DLL -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\mmswch.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\mrscp.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\nsi1C.dll -> Spyware.HotSearchBar : Cleaned with backup
C:\WINNT\system32\parrpb.exe -> TrojanDownloader.Qoologic.n : Cleaned with backup
C:\WINNT\system32\rOpilib.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\rsvstr10.exe -> Spyware.Apropos : Cleaned with backup
C:\WINNT\system32\sammon.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\supdate.dll -> TrojanDownloader.Qoologic.p : Cleaned with backup
C:\WINNT\system32\SvmRedir.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\tаskmgr.exe -> Spyware.PurityScan : Cleaned with backup
C:\WINNT\system32\uwwhpf.exe -> Spyware.Adstart : Cleaned with backup
C:\WINNT\system32\vpmredir.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\wenrnr.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\system32\wfvdmod.dll -> Spyware.Look2Me : Cleaned with backup
C:\WINNT\visfxun.exe -> TrojanDownloader.VB.kd : Cleaned with backup
::Report End
And the Hi-Jack this...
Logfile of HijackThis v1.99.1
Scan saved at 4:44:44 PM, on 8/9/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\WINNT\system32\nvsvc32.exe
C:\3dsmax7\mentalray\satellite\raysat_3dsmax7server.exe
C:\WINNT\system32\regsvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINNT\system32\hnjjhp.exe
C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Documents and Settings\jfrisbie\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [projselector] "C:\Program Files\Common Files\Roxio Shared\Project Selector\projselector.exe" -r
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Program Files\Roxio\Roxio DVDMax Player\PDVDServ.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Ink Monitor] C:\Program Files\EPSON\Ink Monitor\InkMonitor.exe
O4 - HKLM\..\Run: [KavSvc] C:\WINNT\system32\hnjjhp.exe reg_run
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Microtek Scanner Finder.lnk = C:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4208FB4D-4E53-4F5A-BF7A-3E047DDB5281} (ActiveX Control) - http://www.icannnews.../ST/ActiveX.ocx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = hamilton-exhibits.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = hamilton-exhibits.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = hamilton-exhibits.com
O20 - Winlogon Notify: Syncmgr - C:\WINNT\system32\guard.tmp
O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\system32\nvsvc32.exe
O23 - Service: RaySat_3dsmax7 Server (RaySat_3dsmax7Server) - Unknown owner - C:\3dsmax7\mentalray\satellite\raysat_3dsmax7server.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe