Pop up problems

My problem is with the Scratch and Sniff virus that bombards with popups...if someone would be kind enough to go step by step through the process i would really appreciate it. I tried doing Tony Klein's process for another member but it looks as if it has changed...please help if you can....

 

here is my registry...Please Help!!!!

StartupList report, 1/17/2003, 2:02:19 PM
StartupList version: 1.51
Started from : C:\My Music\startuplist\StartupList.EXE
Detected: Windows XP (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\WINDOWS\System32\PackethSvc.exe
C:\WINDOWS\myCIO\Agent\myAgtSvc.exe
C:\WINDOWS\myCIO\Agent\swAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\DELLMMKB.EXE
C:\WINDOWS\myCIO\Agent\myagttry.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Netropa\OSD.exe
C:\WINDOWS\system32\userinit.exe
C:\My Music\startuplist\StartupList.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
America Online 6.0 Tray Icon.lnk = C:\Program Files\America Online 6.0\aoltray.exe
Camio Viewer 2000.lnk = C:\Program Files\Sierra Imaging\Image Expert 2000\IXApplet.exe
Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
Microsoft Works Calendar Reminders.lnk = ?

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

WorksFUD = C:\Program Files\Microsoft Works\wkfud.exe
Microsoft Works Portfolio = C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
Microsoft Works Update Detection = C:\Program Files\Microsoft Works\WkDetect.exe
RealTray = C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
DellTouch = C:\WINDOWS\DELLMMKB.EXE
myCIO.com ASaP = C:\WINDOWS\myCIO\Agent\myagttry.exe
myCIO.com Splash = C:\WINDOWS\myCIO\VScan\Splash.exe
QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime
XupiterToolbarUninstaller = C:\Documents and Settings\jamesr\Local Settings\Temporary Internet Files\Content.IE5\OLQFCT6N\XupiterToolbarUninstaller.exe
SQUpdatesChecker = C:\Program Files\Sqwire\uc.exe
SQConfigChecker = C:\Program Files\Sqwire\cc.exe
FSW = C:\Program Files\FSW\FSW.EXE

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

MSMSGS = "C:\Program Files\Messenger\msmsgs.exe" /background
Microsoft Works Update Detection = C:\Program Files\Microsoft Works\WkDetect.exe

--------------------------------------------------


Enumerating Browser Helper Objects:

(no name) - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - C:\Program Files\Sqwire\u.dll (disabled by BHODemon) - {2662BDD7-05D6-408F-B241-FF98FACE6054}
(no name) - C:\WINDOWS\System32\BHO2.dll - {53E10C2C-43B2-4657-BA29-AAE179E7D35C}

--------------------------------------------------

Enumerating Task Scheduler jobs:

ISP signup reminder 1.job
ISP signup reminder 2.job
Symantec NetDetect.job

--------------------------------------------------

Enumerating Download Program Files:

[{02BF25D5-8C17-0000-0000-000000000000}]
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[QuickTime Object]
InProcServer32 = C:\Program Files\QuickTime\QTPlugin.ocx
CODEBASE = http://www.apple.com/qtactivex/qtplugin.cab

[CDKey Class]
InProcServer32 = C:\WINDOWS\System32\ITCDKey.dll
CODEBASE = http://www.cdkeybonus.com/cdkey/ITCDKey.cab

[Loader Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\CONFLICT.4\SQLoader.dll
CODEBASE = http://www.search-feed.com/bigbar/SQLoader.cab

[SecureObjectFactory Class]
InProcServer32 = C:\WINDOWS\myCIO\Agent\myAsUtil2.5.939.0.dll
CODEBASE = http://virusscanasap.mycio.com/VS2/SonicWall/bin/myCioAgt.cab

[{41F17733-B041-4099-A042-B518BB6A408C}]
CODEBASE = http://a1540.g.akamai.net/7/1540/52...le.com/samantha/us/win/QuickTimeInstaller.exe

[BHO.clsUrlSearch]
InProcServer32 = C:\WINDOWS\System32\BHO2.dll
CODEBASE = http://207.44.176.11/auth/IE_InstllC.exe

[BJA Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\bja.ocx
CODEBASE = http://mirror.worldwinner.com/games/v42/bjattack/bjattack.cab

[Fswinst Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\fswinst.ocx
CODEBASE = http://www.freescratchandwin.com/files/fswinst07.cab

[DepHlp Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\dephlp.ocx
CODEBASE = http://www.worldwinner.com/games/shared/dephlp.cab

[{731918D2-517A-47E2-886A-3BC1380C591D}]
CODEBASE = http://webpdp.gator.com/v3/download/pdpplugin_4094_hd3ptdm.cab

[Live365Player Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\Play365.dll
CODEBASE = http://www.live365.com/players/play365.cab

[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

--------------------------------------------------
End of report, 6,160 bytes
Report generated in 0.172 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

 

please!!!!! pretty please....

Help me.....

 

Download SS+D from Here

Update it via "Online" tab before scanning. Download all updates. Close down all IE windows and scan.

"Fix" all the RED entries only. Don't worry about the green entries.

This will help your current predicament.

 

i think this has solved my problems...

thank you...

should i Uninstall Spybot Search & Destroy or NO?

 

Keep it, Update it once a week, and run once a week. It will keep you safe and sane!