[hornet67]

I have been infected with a virus, here's the messy stuff:

1, I now have six question marks next to my clock (??????)
2, It's removed the 'run' button on the Start menu.
3, If i try to bring up the Task Manager it says this has been disabled by the administrator. (which it hasn't, because it's my personal compy)
4, It tried to email all my addresses etc,

I'm running Windows XP, if you need any other information please ask.
Successful virus destroyee will have my firstborn child named after them.
Thanks, Gary.

[Cheeseball81]

Hi and welcome

* Click here to download HJTsetup.exe.
Save HJTsetup.exe to your desktop.

Double click on the HJTsetup.exe icon on your desktop.
By default it will install to C:\Program Files\Hijack This.
Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
Put a check by Create a desktop icon then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch Hijack This.
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

[hornet67]

Thanks! Here we are: note the question marks are there too!

Logfile of HijackThis v1.99.1
Scan saved at 22:17:28 ??????, on 26/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\KService\KService.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\kdx\KHost.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
c:\program files\common files\aol\1142514794\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\Program Files\Common Files\AOL\aoltpspd.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.mozilla.org/start/"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSe arch.src"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe -all
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...9x/AvSniff.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-30.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/Cl.../OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1141744372718
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b3.../java/RntX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B95942C8-21DE-4F68-9F1E-B3D3DB9CE39B}: NameServer = 205.188.146.145
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

[Cheeseball81]

* Click here to download the trial version of Ewido Security Suite.

· Install Ewido.
· During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
· Launch ewido.
· It will prompt you to update click the OK button and it will go to the main screen.
· On the left side of the main screen click update.
· Click on Start and let it update.
· DO NOT run a scan yet.

Restart your computer into Safe Mode now.
(Start tapping the F8 key at Startup, before the Windows logo screen).
Perform the following steps in Safe Mode:

* Run Ewido:
Click on scanner
Click Complete System Scan and the scan will begin.
During the scan it will prompt you to clean files, click OK.
When the scan is finished, look at the bottom of the screen and click the Save report button.
Save the report to your desktop.

Reboot.

Post a new Hijack This log and the results of the Ewido scan.

[hornet67]

Here's the results, i have to split them over posts as it won't let me post the whole thing.
Thanks.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 23:38:03 ??????, 27/05/2006
+ Report-Checksum: D8D51269

+ Scan result:

:mozilla.6:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.60:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.61:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.313:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.325:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.348:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.349:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.367:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.435:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.442:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.472:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.473:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.476:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.477:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.481:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.493:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.494:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.499:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.501:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.511:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.512:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.529:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.531:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.533:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.534:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.535:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.536:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.538:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup

[hornet67]

:mozilla.539:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.540:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.545:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.547:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.561:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.562:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.660:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.686:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.710:C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.6:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.7:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Gary E\Application Data\Phoenix\Profiles\default\0tp4myy1.slt\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
C:\Documents and Settings\Gary E\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv505.jar-11fac7b6-5652d272.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@a-1shz2prbmdj6wvny-1sez2pra2dj6wjl...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ads.euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ads.realcastmedia[2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@bellglobemediapublishing.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@cneteurope.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@content.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@data2.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4agdpgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4cocpwdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4ghdzeeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4ukc5sdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfk4whd5khp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkiahazggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkieoazoho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkigldzglq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkiqocjckp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkiwjajeao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkoancjkho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkocpazmbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkoehczgbp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkognczclo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkoqpdjgcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkougajwco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkowid5mfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkownazeco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkycmc5agp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkykmcjaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfkyuid5ofq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4gocpifq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4khcjado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4kidpsgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfl4skdpigp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wflighdzgep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfligkazakq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfliomajekq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfliqmczkdq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfliwhcjiep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wflocgajeko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfloqkdpgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wflyoiazglp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiamczcfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmighcpalq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiqndjmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmismcpwlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiwhd5ggp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmiwkazslq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmyeocjwhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wfmyqldjgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgk4qpdjgbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgk4slcjgcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkigld5ikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkikodzafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkiwkczsfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkoahd5wao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkoglazccp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkoulc5oco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkowhdzcdp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkowkc5efo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkygmazafp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkyqhcpkbq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgkywkczkdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wgl4qgc5sfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4elajokp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4gkazmdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4kkczggp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4kld5kdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4ugdzwko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4undjieq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjk4upajgkq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkoancpglo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkoehcpclq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkoqhajabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkyegdzocp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjkysjdjgfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjl4ajdjggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjl4ckc5wcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjl4uoczmbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjliknazsdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjliooazabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlisnczmlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlogpajkgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjloogdzegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjloqkc5olo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlowicpcdq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlowid5mgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlyamd5kfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlyslc5iao.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjlyujd5wdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmiamd5cgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmieldpckq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmigpcjocp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmiolcjkep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmioncjmap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmiqgc5sco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyelcpkep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyenajcep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyendpcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmygocpicp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmysgd5cep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmysld5scq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjmyuodpeep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyakd5sho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyakdpgep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnycndzoho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyoic5gap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyqpazifq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@e-2dj6wjnyqpc5ecp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@eurostar.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@image.masterstats[2].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@microsoftuk.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@nbcuniversal.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@news.com[1].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@premiumtv.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@programs.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@saksfifthavenue.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@server.lon.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@service.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@skyeurope.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@webstat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@www.burstbeacon[1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@www.web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...ure[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfk...ure[1].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfl...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wfl...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjk...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjl...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@y-1shz2prbmdj6wvny-1sez2pra2dj6wjm...ure[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Gary E\Cookies\gary e@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\Program Files\ScanSpyware v3.8.0.4\SSBackup\ssTemp.zip/gary e@ads.euniverseads[1]4.txt -> TrackingCookie.Euniverseads : Cleaned with backup
C:\Program Files\ScanSpyware v3.8.0.4\SSBackup\ssTemp.zip/gary e@ads.realcastmedia[2]5.txt -> TrackingCookie.Realcastmedia : Cleaned with backup
C:\RECYCLER\S-1-5-21-2253077151-3868891257-2426844156-1005\Dc222.exe -> Worm.VB.ee : Cleaned with backup
C:\RECYCLER\S-1-5-21-2253077151-3868891257-2426844156-1005\Dc223.exe -> Worm.VB.ee : Cleaned with backup
C:\WINDOWS\system32\shehalx.dll -> Backdoor.IRCBot.od : Cleaned with backup
C:\WINDOWS\system32\Win1145695.exe -> Worm.VB.ee : Cleaned with backup


::Report End

[hornet67]

And the Hijack this log:

Logfile of HijackThis v1.99.1
Scan saved at 23:43:38 ??????, on 27/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\KService\KService.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\WINDOWS\kdx\KHost.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\common files\aol\1142514794\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.mozilla.org/start/"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSe arch.src"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKLM\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe -all
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...9x/AvSniff.cab
O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-30.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/Cl.../OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1141744372718
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b3.../java/RntX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

[Cheeseball81]

Run ActiveScan online virus scan:
http://www.pandasoftware.com/products/activescan.htm

Once you are on the Panda site click the Scan your PC button.
A new window will open...click the Check Now button.
Enter your Country.
Enter your State/Province.
Enter your e-mail address and click send.
Select either Home User or Company.
Click the big Scan Now button.
If it wants to install an ActiveX component allow it.
It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
When download is complete, click on My Computer to start the scan.
When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.
Post the contents of the ActiveScan report.

[hornet67]

Thank you!
Here we are:


Incident Status Location

Adware:adware/wupd Not disinfected Windows Registry
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Gary E\Application Data\Netscape\NSB\Profiles\t1t6kvv1.default\cookies.txt[.rightmedia.net/]
Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@64.62.232[6].txt
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@adopt.hbmediapro[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@adrevolver[3].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@ath.belnk[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@atwola[2].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@belnk[1].txt
Spyware:Cookie/Barelylegal Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@c.fsx[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@c2.gostats[2].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@casalemedia[2].txt
Spyware:Cookie/360i Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@ct.360i[2].txt
Spyware:Cookie/did-it Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@did-it[1].txt
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@dist.belnk[2].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@fe.lea.lycos[1].txt
Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@gostats[2].txt
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@go[1].txt
Spyware:Cookie/Mp3search Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@mp3search[2].txt
Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@rightmedia[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@searchportal.information[1].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@statcounter[1].txt
Spyware:Cookie/Target Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@target[1].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@toplist[1].txt
Spyware:Cookie/Affiliate fuel Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@www.affiliatefuel[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@xiti[2].txt
Spyware:Cookie/Xmts Not disinfected C:\Documents and Settings\Gary E\Cookies\gary e@xmts[1].txt
Potentially unwanted tool:Application/Pskill.A Not disinfected C:\WINDOWS\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]
Potentially unwanted tool:Application/Pskill.A Not disinfected C:\WINDOWS\system\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]
Potentially unwanted tool:Application/Pskill.A Not disinfected E:\OSONLY\RESTORE.INS[C:/OEMCUST/TOOLS/WIN32/PSKILL.EXE]

[Cheeseball81]

Rescan with Hijack This.
Close all browser windows except Hijack This.
Put a check mark beside these entries and click "Fix Checked".

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php

O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

O4 - HKLM\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe

O4 - HKCU\..\RunServices: [Microsoft Windows SVH Drivers] svhda.exe

O16 - DPF: {3A7FE611-1994-4EF1-A09F-99456752289D} - http://install.wildtangent.com/Activ...veLauncher.cab

O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/Cl.../OCI/setup.exe

Close Hijack This.

Please download the Killbox by Option^Explicit.

Note: In the event you already have Killbox, this is a new version that I need you to download.

• Save it to your desktop.
• Please double-click Killbox.exe to run it.
• Select:
  • Delete on Reboot
  • then Click on the All Files button.
• Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):
  
  
  C:\Program Files\Viewpoint\
  C:\WINDOWS\System32\svhda.exe
  
  
• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
  
• Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If your computer does not restart automatically, please restart it manually.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, click here to download and run missingfilesetup.exe. Then try Killbox again.

Post a new Hijack This log.

[hornet67]

Can i just check, i know what the xxxsite-u stuff is , it's a site i was doing on my computer, i know and want that stuff, should i leave that un checked?
Thanks

[Cheeseball81]

If you know those entries then you don't have to fix them.

[hornet67]

Thank you again for your help,
i don't know if this helps, but there is a thread ongoing here with exactly the same problem as me:http://forums.techguy.org/security/4...lock-date.html
Logfile of HijackThis v1.99.1
Scan saved at 22:06:56 ??????, on 28/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Apache Group\Apache\Apache.exe
C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\KService\KService.exe
C:\mysql\bin\mysqld-nt.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\Playlist.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\VoyagerTest\fts.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\kdx\KHost.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
c:\program files\common files\aol\1142514794\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
C:\Program Files\Common Files\AOL\1142514794\ee\AOLServiceHost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\uk.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bi...e=6&key=SEARCH
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://127.0.0.1/xxxsite-u/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
N4 - Mozilla: user_pref("browser.startup.homepage", "http://www.mozilla.org/start/"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
N4 - Mozilla: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5Cmozilla.org%5CMozilla%5Csearchplugins%5CNetscapeSe arch.src"); (C:\Documents and Settings\Gary E\Application Data\Mozilla\Profiles\default\x0gkjfjw.slt\prefs.js)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Home\wsbho2k0.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RoxioEngineUtility] "C:\Program Files\Common Files\Roxio Shared\System\EngUtil.exe"
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy CD Creator 6\DragToDisc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxioAudioCentral] "C:\Program Files\Roxio\Easy CD Creator 6\AudioCentral\RxMon.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1142514794\ee\AOLHostManager.exe
O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
O4 - HKLM\..\Run: [delcab] C:\drivers\deltreew.exe C:\cabs
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [%FP%Friendly fts.exe] "C:\Program Files\VoyagerTest\fts.exe"
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [kdx] C:\WINDOWS\kdx\KHost.exe -all
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\TDK Systems\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} - http://us.chat1.yimg.com/us.yimg.com...45/yacscom.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...9x/AvSniff.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aolsvc.aol.co.uk/comput...up/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-30.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by101fd.bay101.hotmail.msn.co...s/MsnPUpld.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1141744372718
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O16 - DPF: {AE9DCB17-F804-11D2-A44A-0020182C1446} (IntraLaunch.MainControl) - file://D:\SuperCD\IntraLaunch.CAB
O16 - DPF: {B020B534-4AA2-4B99-BD6D-5F6EE286DF5C} (Symantec Download Bridge) - https://a248.e.akamai.net/f/248/5462...l/SymDlBrg.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://zone.msn.com/binFramework/v10...o.cab34246.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yaho...tocomplete.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game01.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://liveca12.custhelp.com/7530-b3.../java/RntX.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://creative.com/su/ocx/15016/CTPID.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe (file missing)
O23 - Service: Apache - Unknown owner - C:\Program Files\Apache Group\Apache\Apache.exe" --ntservice (file missing)
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\TDK Systems\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\KService\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe

[Cheeseball81]

You're welcome
There are some files I'd lke to get analyzed that look alittle suspicious:

Go to the forum here: http://www.thespykiller.co.uk/forum/index.php?board=1.0
Upload this (these) file(s):

C:\drivers\deltreew.exe
C:\cabs

Here are the directions for uploading the file:

Just click "New Topic", fill in the needed details and post a link to your thread here. Click the "Browse" button. Navigate to the file on your computer. When the file is listed in the window click "Post" to upload the file.

[hornet67]

Off to do that now, don't know if it helps but i edited my last post, at the top is a link to an ongoing thread that a guy has here with the same problem.