[PCW_Nut]

Trying to get rid of this crap from my PC, any help would be great. Here's my hijack this logfile

Logfile of HijackThis v1.99.1
Scan saved at 11:00:07 AM, on 9/8/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\svchost.exe
c:\windows\system32\rmwpbl.exe
C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
C:\Program Files\Wlwi\Wgbzzdf.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\invbn.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Applications\HiJack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = sympatico.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = sympatico.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SC1k6] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\Ixiuzy.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [Wvobq] C:\Program Files\Wlwi\Wgbzzdf.exe
O4 - HKLM\..\Run: [AoveU] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\Run: [$.øëõÞ/βE6ß~!Þy½¨C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BNInv] invbn.exe
O4 - HKLM\..\Run: [8cbeKAaK] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ifdkvc] c:\windows\system32\rmwpbl.exe r
O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - Global Startup: NetAssistant.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1120273810537
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgall..._1/axofupld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zon...oF.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\AVGANT~1.0\avgamsvr.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

[Advertisements]

Hello

Sorry for the delayed response, it has been very busy lately.

If you still require help please post a new Hijack log in this
thread and I will help you. If your problem has been fixed please
respond and let us know.

Thanks

[loophole]

Hello

Sorry for the delayed response, it has been very busy lately.

If you still require help please post a new Hijack log in this
thread and I will help you. If your problem has been fixed please
respond and let us know.

Thanks

[PCW_Nut]

Yes, I still need help

Here's the new log file.

Logfile of HijackThis v1.99.1
Scan saved at 11:35:18 AM, on 9/10/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
c:\windows\system32\zhomrh.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Wlwi\Wgbzzdf.exe
C:\WINDOWS\system32\invbn.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Winamp\Winamp.exe
C:\Documents and Settings\Josh\Desktop\msnmsgr.exe
C:\Program Files\Outlook Express\Msimn.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Applications\HiJack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = sympatico.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = sympatico.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SC1k6] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [version] C:\WINDOWS\system32\Ixiuzy.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [Wvobq] C:\Program Files\Wlwi\Wgbzzdf.exe
O4 - HKLM\..\Run: [AoveU] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\Run: [$.øëõÞ/βE6ß~!Þy½¨C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BNInv] invbn.exe
O4 - HKLM\..\Run: [8cbeKAaK] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [qeafgn] c:\windows\system32\zhomrh.exe r
O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - Global Startup: NetAssistant.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1120273810537
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgall..._1/axofupld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zon...oF.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\AVGANT~1.0\avgamsvr.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - c:\windows\SvcProc.exe

[loophole]

Hello and welcome to Geeks to Go

I see you have been infected by malware. Lets get you fixed up.
Please follow the directions as closely as you can . Lets begin

Please download ewido security suite it is a free version of the program.

• Install ewido security suite
• When installing, under "Additional Options" uncheck..
  • Install background guard
  • Install scan via context menu
• Launch ewido, there should be an icon on your desktop, double-click it.
• The program will now open to the main screen.
• When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
  
• You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update.
  • Then click on Start Update.
• The update will start and a progress bar will show the updates being installed.
  (the status bar at the bottom will display ("Update successful")

If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates

Once the updates are installed Close Ewido

Download and install CleanUp! Here
but do not run it yet.
*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.

1.Download the latest version of Ad-Aware (Ad-Aware SE Build 1.06r1) from here.

Install Ad-Aware using the default options


2. Download the VX2 Cleaner Plug-in Here

Then install vx2cleaner, using all the defaults there as well.

3. Run Ad-Aware
*Update to the latest definitions
*Then click on Add-ons in the lefthand column.
*Select VX2 Cleaner V2.0 and click Run Tool. Click "OK".
*If something is found, click "Clean" as in the directions given.
*Click "Close", and EXIT Ad-Aware.
4. Reboot your PC and run Ad-Aware again.
*This time, click on the Start button in Ad-Aware
*Select "Perform smart system scan" and click Next.
*Once the scan finishes, click "Next" again.
*Select all objects found ("right click anywhere in the list of found objects and *click "Select All Objects").
*Click "Next" one more time, then "OK" to confirm the removal.
*You will be prompted to set Ad-Aware to run on reboot, click "OK".
*Exit Ad-Aware
REBOOT your PC into safemode
Please reboot into safe mode Safe mode(continually tap the F8 key while your system is starting, select Safe Mode from the menu).

When Ad-Aware starts up, click on "Start", then "Next".
Follow the steps above if anything is found, or click "Finish", then EXIT Ad-Aware.

Now run cleanup

Open Ewido
:

• Click on scanner
• Click on Complete System Scan and the scan will begin.
• You will be prompted to clean the first infection.
• Select "Perform action on all infections", then proceed.
• Once the scan has completed, there will be a button located on the bottom of the screen named Save report
• Click Save report.
• Save the report .txt file to your desktop or a location where you can find it easily.

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

O3 - Toolbar: (no name) - {FAA356E4-D317-42a6-AB41-A3021C6E7D52} - (no file)
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [Wvobq] C:\Program Files\Wlwi\Wgbzzdf.exe
O4 - HKLM\..\Run: [AoveU] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [BNInv] invbn.exe
O4 - HKLM\..\Run: [8cbeKAaK] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [qeafgn] c:\windows\system32\zhomrh.exe r
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)


Now close all windows other than HiJackThis, then click Fix Checked.

Reboot and post the Ewido log and a New Hijack log to review .

[PCW_Nut]

I tried your first method and it seems to have worked...thank you.

[loophole]

Reboot and post the Ewido log and a New Hijack log to review

.

You forgot these we still have work to do

[PCW_Nut]

There ya go
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 1:45:35 PM, 9/10/2005
+ Report-Checksum: 364717BC

+ Scan result:

C:\WINDOWS\Downloaded Program Files\atrc8parb_.exe -> Adware.SAHA : Ignored
C:\WINDOWS\Downloaded Program Files\umqltg4cl_.exe -> Adware.SAHA : Ignored
C:\WINDOWS\Downloaded Program Files\hqrhil7kg_.exe -> Adware.SAHA : Ignored
C:\WINDOWS\Downloaded Program Files\umqltg4cl_.ini -> Adware.SAHA : Ignored
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-59D4-4008-9058-080011001200} -> Spyware.VX2 : Cleaned with backup
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6F7D-442C-93E3-4A4827C2E4C8} -> Spyware.InternetOptimizer : Cleaned with backup
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000049-8F91-4D9C-9573-F016E7626484} -> Spyware.BetterInternet : Cleaned with backup
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10E42047-DEB9-4535-A118-B3F6EC39B807} -> Spyware.SideFind : Cleaned with backup
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86227D9C-0EFE-4F8A-AA55-30386A3F5686} -> Spyware.YourSiteBar : Cleaned with backup
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3FDD654-A057-4971-9844-4ED8E67DBBB8} -> Spyware.ISTBar : Cleaned with backup
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4E04583-354E-4076-BE7D-ED6A80FD66DA} -> Spyware.BargainBuddy : Cleaned with backup
HKU\S-1-5-21-484763869-113007714-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FAA356E4-D317-42A6-AB41-A3021C6E7D52} -> Spyware.ISTBar : Cleaned with backup
[1788] C:\Program Files\Wlwi\Wgbzzdf.exe -> Trojan.Small.cy : Cleaned with backup
[1872] C:\WINDOWS\system32\invbn.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\SYSTEM32\invbn.exe -> Spyware.BargainBuddy : Cleaned with backup
C:\WINDOWS\ndzcpvlavh.exe -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Mozilla Firefox\plugins\npzango.dll -> Spyware.WinAD : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B1F17969-C916-45D3-AF31-3EADC9\33D43B6D-A10A-4497-8118-408572 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\1F1D8341-9202-481F-A589-D57CE3\BED39786-1709-46BD-B9AE-BCB666 -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\67ACCC0B-7A18-4BF9-AD36-3D8AF3\09F33903-A264-48B9-9698-F2DF60 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\FA466F53-EADF-4C66-BA13-094892\8BB95A31-687C-4741-8403-DEE5A3 -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\20403B0E-6FAF-47D3-B450-9A1AA6\5142B39E-5BAC-4749-8C47-1CD7B1 -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\7AE3D32F-3AFB-477A-B156-A21B14\FA84AF0A-8045-4FC3-BBCF-B21121 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4E14A23F-A77C-4B00-8BB3-F14270\2595F013-6D77-43C5-B070-05BCAE -> TrojanDownloader.IstBar.kg : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\50D15248-BAB1-4E45-97D5-930A7B\61FE91CF-71D3-4103-9FBD-9632B2 -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\0689315E-F82C-49A8-8D68-50D409\28262ED3-B331-46FB-A6E7-D48EAB -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\0689315E-F82C-49A8-8D68-50D409\9FC55B9E-F73D-4382-AA04-C1435F -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\ACCB6D18-B120-4511-8259-D75481\D7319D40-56DB-4EA5-9F90-73F018 -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\162CF163-362A-4E4E-BCF7-297C17\708E68D3-E641-44C6-9841-3C9B55 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B19F3A97-D498-4170-A5E2-9B62E6\40B35AAD-6426-4348-979B-D52A8F -> Trojan.Agent.db : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\D532A4C9-84DC-47AB-95F8-13EB13\E9EAD8EB-EE0E-462B-93DA-7E0359 -> Trojan.Agent.db : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\4D14D5D6-EF91-4C61-9A0C-1550B5\839AD0D1-CE7E-49CA-ABD7-C69FAD -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\B5019E6E-D469-4857-9618-4053D6\1B4D6374-D93F-4EA5-A555-F6E8E7 -> Adware.BetterInternet : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\2E33E70E-95F1-4971-B545-B0070B\4995777C-D97C-4DBD-963F-05F908 -> Adware.SAHA : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\CDA1CDD2-BD80-4EAF-A48B-14426C\9033BAFB-90B4-4167-97CF-0AD70F -> Spyware.180Solutions : Cleaned with backup
C:\Program Files\Microsoft AntiSpyware\Quarantine\E31750BB-B81B-4E3E-8BAA-B376BA\5485BDD1-3898-455B-959A-81F7BB -> Adware.SAHA : Cleaned with backup
C:\Program Files\Wlwi\Wgbzzdf.exe -> Trojan.Small.cy : Cleaned with backup
C:\Documents and Settings\Josh\Local Settings\Temp\Cookies\josh@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Josh\Cookies\[email protected][1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Josh\Cookies\[email protected][2].txt -> Spyware.Cookie.Sidefind : Cleaned with backup
C:\Documents and Settings\Josh\Cookies\josh@abetterinternet[1].txt -> Spyware.Cookie.Abetterinternet : Cleaned with backup
C:\Documents and Settings\Josh\Cookies\josh@goldenpalace[2].txt -> Spyware.Cookie.Goldenpalace : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Xxxcounter : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Sextracker : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Trafficmp : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.167:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Addynamix : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.188:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Counted : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Counted : Cleaned with backup
:mozilla.193:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Counted : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.195:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.196:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.199:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.203:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.242:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.243:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.244:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.245:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.296:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.297:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.298:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.300:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.301:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.302:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Specificclick : Cleaned with backup
:mozilla.328:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.329:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.330:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.331:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.332:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.333:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.334:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.335:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.348:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.350:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.351:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.352:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.353:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.366:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.367:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.389:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adengage : Cleaned with backup
:mozilla.401:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.402:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.425:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.426:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.428:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.441:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.442:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.443:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.444:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.447:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.448:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.453:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.454:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.456:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.464:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.471:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.501:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.502:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.505:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.506:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.507:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.508:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.509:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.510:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.513:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.514:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.558:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Clickhype : Cleaned with backup
:mozilla.570:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Cqcounter : Cleaned with backup
:mozilla.571:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.573:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.574:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.575:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.649:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.650:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.247realmedia : Cleaned with backup
:mozilla.688:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Masterstats : Cleaned with backup
:mozilla.718:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.719:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.720:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
:mozilla.744:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.745:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.746:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.747:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.760:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.761:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Onestat : Cleaned with backup
:mozilla.774:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.779:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.782:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.811:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.812:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.813:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.814:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.815:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.822:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.845:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.854:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Coremetrics : Cleaned with backup
:mozilla.857:C:\Documents and Settings\Josh\Application Data\Mozilla\Firefox\Profiles\ekpvff9a.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.858:C:\Documents and Settings\Josh\App

[loophole]

Hijack log please

[PCW_Nut]

Logfile of HijackThis v1.99.1
Scan saved at 2:10:24 PM, on 9/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe
C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Applications\HiJack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = sympatico.ca
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = sympatico.ca
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
O4 - HKLM\..\Run: [IPInSightLAN 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPClient.exe" -l
O4 - HKLM\..\Run: [IPInSightMonitor 01] "C:\Program Files\Visual Networks\Visual IP InSight\Sympatico Consumer\IPMon32.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Microsoft IntelliType Pro] "C:\Program Files\Microsoft Hardware\Keyboard\speedkey.exe"
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SC1k6] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [Wvobq] C:\Program Files\Wlwi\Wgbzzdf.exe
O4 - HKLM\..\Run: [AoveU] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\Run: [$.øëõÞ/βE6ß~!Þy½¨C:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [8cbeKAaK] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet
O4 - HKCU\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - Global Startup: NetAssistant.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\YAHOO!\MESSEN~1\YPAGER.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zon...kr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.micros...b?1120273810537
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgall..._1/axofupld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zon...ro.cab32846.cab
O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zon...oF.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab31267.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - C:\PROGRA~1\AVGANT~1.0\avgamsvr.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

[loophole]

Great

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [SC1k6] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [Wvobq] C:\Program Files\Wlwi\Wgbzzdf.exe
O4 - HKLM\..\Run: [AoveU] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [p2pnetwork] p2pnetwork.exe
O4 - HKLM\..\Run: [$.øëõÞ/βE6ß~!Þy½¨C:\Program Files\\istsvc.exe] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\Run: [8cbeKAaK] C:\WINDOWS\itbnwpc.exe
O4 - HKLM\..\RunServices: [p2pnetwork] p2pnetwork.exe
O4 - HKCU\..\RunServices: [p2pnetwork] p2pnetwork.exe

Now close all windows other than HiJackThis, then click Fix Checked. Reboot into safe mode.

Restart your computer and as soon as it starts booting up again continuously tap F8. A menu should come up where you will be given the option to enter Safe Mode.
Please remove these entries from Add/Remove Programs in the Control Panel(if present):

ISTsvc
Wlwi


color=blue]Please note any other programs that you dont recognize in that list in your next response[/color]

Please delete these folders using Windows Explorer(if present):

C:\Program Files\istsvc.exe
C:\Program Files\Wlwi
C:windows\system32\p2pnetwork

Please delete these files using Windows Explorer(if present):

C:\WINDOWS\itbnwpc.exe

After that, Reboot.

Please run this online virus scan:
Panda Active Scan You need to use Internet Explorer for this scan.

• Once you get to the Panda site, scroll down a bit and click on Scan your PC
• A new window will appear; click on Check Now!
• A new window will appear; fill in the boxes (Country, State, email addy)
• Click on Scan Now! >
  If you have never used ActiveScan before, you will be prompted to install an ActiveX control (asinst.cab) : click on Install. Panda will install the component, and then install the latest signature files.
• From "Select a device to scan...", choose "My Computer"
• Allow the scan to run. It'll take a while.
• When complete, click on "See Report", and then on "Save report"; save it to a convenient location.
• I will need you to post that report in your next reply; simply open the text file, then copy/paste the content here. Also post a new Hijack log

Thanks

[loophole]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.