View Full Version : popups galore



mayor west
2006-08-03, 15:52
here is my logfile

Logfile of HijackThis v1.99.1
Scan saved at 9:47:06 AM, on 8/3/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\BacsTray.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\outlook\outlook.exe
C:\nwnmff_7.exe
C:\dfndrff_7.exe
C:\kybrdff_7.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Common Files\{40358F4B-05DA-1033-0426-041120030001}\Update.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\unzipped\imhider\IMHider.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Me\Start Menu\Programs\Startup\Adobe Gamma Loader.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Microsoft Office\Office\POWERPNT.EXE
C:\WINDOWS\regedit.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [bacstray] BacsTray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [Windows System32] clsas32.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmff_7.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_7.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_7.exe
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\RunServices: [Windows System32] clsas32.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Sonic RecordNow!] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Windows System32] clsas32.exe
O4 - HKCU\..\Run: [IMHider] C:\unzipped\imhider\IMHider
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunServices: [Windows System32] clsas32.exe
O4 - Startup: Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: Aurigma Image Uploader 2.0 - http://www.photogize.com/PhotogizeImageUploader.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540012} (CInstall Class) - http://www.funnytaf.com/fun/installer/Install.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150406032541
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D0B5B58D-8CB9-4EDB-8BB0-9D34AEF727CF} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O20 - Winlogon Notify: SharedDLLs - C:\WINDOWS\system32\enp6l17s1.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TWU\command.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lixmtamansb - Lexmark International, Inc. - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe


thanks for any help!

mayor west
2006-08-03, 23:53
It gave me an error message when I tried to run the program.



F-Secure Blacklight could not acquire necessary privileges (SeDebugPrivilege).

-Your computer settings may prevent acquiring these privileges.
-A malicious program might have disabled these privileges.


Any settings I should change that might let it run correctly?

pskelley
2006-08-05, 23:42
Welcome to the forum. If you still need help and are not receiving it elsewhere, I will see what I can do.
You will want to review this information: http://forums.spybot.info/showthread.php?t=288 and I will post a little for our friend knowing they are only trying to help:
Only authorized helpers may assist in the removal of malware.
Helpers, Warriors, Experts and Team Spybot

You have several nasty infections and my first thought is to ask you to keep the computer offline as much as possible, these infections will attract others and you have your share just now. We will start with the Look2me infection:

Thanks to Atribune and any others who helped with this fix.

Please download Look2Me-Destroyer.exe (http://www.atribune.org/ccount/click.php?id=7) to your desktop.
Close all windows before continuing.
Double-click Look2Me-Destroyer.exe to run it.
Put a check next to Run this program as a task.
You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 10 seconds. Click OK
When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
Once it's done scanning, click the Remove L2M button.
You will receive a Done Scanning message, click OK.
When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
Your computer will then shutdown.
Turn your computer back on.
Please post the contents of C:\Look2Me-Destroyer.txt and a new HiJackThis log.

If Look2Me-Destroyer does not reopen automatically, reboot and try again.

If you receive a message from your firewall about this program accessing the internet please allow it.

If you receive a runtime error '339' please download MSWINSCK.OCX from the link below and place it in your C:\Windows\System32 Directory.
http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX

More info:

If for some reason Look2Me-Destroyer doesn't reopen, check that Task Scheduler is running.
If it isn't, you can use sc.exe to start it:

Start > Run, type sc start schedule, then press Enter.

Post the two logs bolded above and I will respond with instructions as soon as possible after that. Please add any comments you think will help.

Thanks...pskelley
Safer Networking Forums
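
The before/after comparison that the request for a new HijackThis log sets up, as an added example that is not part of the original thread: a small parser that diffs two HijackThis logs section by section. The sample logs are abridged from the two scans posted in this thread; `PROC` is this example's own label for the running-process list, and the function names are hypothetical.

```python
import re

# HijackThis entry lines look like "O4 - HKLM\..\Run: [name] command".
ENTRY = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")

# Constructed sample: lines abridged from the first log in this thread.
BEFORE = r"""
Logfile of HijackThis v1.99.1
Scan saved at 9:47:06 AM, on 8/3/2006

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\explorer.exe
C:\nwnmff_7.exe
C:\dfndrff_7.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Windows System32] clsas32.exe
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [newname] C:\\nwnmff_7.exe
O4 - HKLM\..\Run: [defender] C:\\dfndrff_7.exe
O20 - Winlogon Notify: SharedDLLs - C:\WINDOWS\system32\enp6l17s1.dll
"""

# Constructed sample: lines abridged from the second log in this thread.
AFTER = r"""
Logfile of HijackThis v1.99.1
Scan saved at 6:42:22 PM, on 8/5/2006

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\winlog.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [winlog] winlog.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
"""


def parse_log(text):
    """Return {(section, casefolded detail): original detail} for one log."""
    entries = {}
    in_procs = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.lower() == "running processes:":
            in_procs = True
            continue
        if not line:
            in_procs = False  # a blank line ends the process list
            continue
        m = ENTRY.match(line)
        if m:
            in_procs = False
            section, detail = m.group(1), m.group(2)
        elif in_procs:
            section, detail = "PROC", line  # PROC: label used only here
        else:
            continue  # header lines such as "Scan saved at ..."
        # Windows paths are case-insensitive, so compare casefolded text.
        entries[(section, detail.casefold())] = detail
    return entries


def diff_logs(before_text, after_text):
    """Return (removed, added) as sorted lists of (section, detail)."""
    before, after = parse_log(before_text), parse_log(after_text)
    removed = sorted((s, before[(s, k)]) for (s, k) in before.keys() - after.keys())
    added = sorted((s, after[(s, k)]) for (s, k) in after.keys() - before.keys())
    return removed, added


if __name__ == "__main__":
    removed, added = diff_logs(BEFORE, AFTER)
    for section, detail in removed:
        print(f"- {section:4} {detail}")
    for section, detail in added:
        print(f"+ {section:4} {detail}")
```

Entries that survive both scans (here `[winlog] winlog.exe`) do not appear in the diff, so they still need to be reviewed in the newer log itself.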

mayor west
2006-08-06, 00:45
hijackthis log

Logfile of HijackThis v1.99.1
Scan saved at 6:42:22 PM, on 8/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\BacsTray.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\outlook\outlook.exe
C:\WINDOWS\system32\winlog.exe
C:\Program Files\Common Files\{40358F4B-05DA-1033-0426-041120030001}\Update.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\unzipped\imhider\IMHider.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Me\Start Menu\Programs\Startup\Adobe Gamma Loader.exe
C:\WINDOWS\system32\wuauclt.exe
C:\unzipped\hijackthis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [bacstray] BacsTray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [Sonic RecordNow!] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [IMHider] C:\unzipped\imhider\IMHider
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: Aurigma Image Uploader 2.0 - http://www.photogize.com/PhotogizeImageUploader.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150406032541
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D0B5B58D-8CB9-4EDB-8BB0-9D34AEF727CF} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TWU\command.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lixmtamansb - Lexmark International, Inc. - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

look2me log


Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 8/5/2006 6:36:02 PM

Infected! C:\WINDOWS\system32\k4pm0e71eh.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051114.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051117.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051132.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051134.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP364\A0051167.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051224.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051230.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051237.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051245.dll
Infected! C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051261.dll
Infected! C:\WINDOWS\SYSTEM32\enr8l19u1.dll
Infected! C:\WINDOWS\SYSTEM32\hbui.dll
Infected! C:\WINDOWS\SYSTEM32\ir82l5lo1.dll
Infected! C:\WINDOWS\SYSTEM32\ir8ml5l11.dll
Infected! C:\WINDOWS\SYSTEM32\irl0l53m1.dll
Infected! C:\WINDOWS\SYSTEM32\k4pm0e71eh.dll
Infected! C:\WINDOWS\SYSTEM32\k644lghq164e.dll
Infected! C:\WINDOWS\SYSTEM32\l62slgf7162.dll
Infected! C:\WINDOWS\system32\guard.tmp

Attempting to delete infected files...

Attempting to delete: C:\WINDOWS\system32\k4pm0e71eh.dll
C:\WINDOWS\system32\k4pm0e71eh.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051114.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051114.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051117.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051117.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051132.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051132.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051134.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051134.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP364\A0051167.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP364\A0051167.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051224.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051224.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051230.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051230.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051237.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051237.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051245.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051245.dll Deleted successfully!

Attempting to delete: C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051261.dll
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051261.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\enr8l19u1.dll
C:\WINDOWS\SYSTEM32\enr8l19u1.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\hbui.dll
C:\WINDOWS\SYSTEM32\hbui.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\ir82l5lo1.dll
C:\WINDOWS\SYSTEM32\ir82l5lo1.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\ir8ml5l11.dll
C:\WINDOWS\SYSTEM32\ir8ml5l11.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\irl0l53m1.dll
C:\WINDOWS\SYSTEM32\irl0l53m1.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\k4pm0e71eh.dll
C:\WINDOWS\SYSTEM32\k4pm0e71eh.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\k644lghq164e.dll
C:\WINDOWS\SYSTEM32\k644lghq164e.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\SYSTEM32\l62slgf7162.dll
C:\WINDOWS\SYSTEM32\l62slgf7162.dll Deleted successfully!

Attempting to delete: C:\WINDOWS\system32\guard.tmp
C:\WINDOWS\system32\guard.tmp Deleted successfully!

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Reinstall

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{2AE9FED0-8997-48FB-8565-6C5B43ADDD7D}"
HKCR\Clsid\{2AE9FED0-8997-48FB-8565-6C5B43ADDD7D}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{295B17CB-9BBF-49A8-8E78-9191C6AFEC2A}"
HKCR\Clsid\{295B17CB-9BBF-49A8-8E78-9191C6AFEC2A}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{9D9E3EF1-0CF7-4217-AAEA-1C659E8FBE12}"
HKCR\Clsid\{9D9E3EF1-0CF7-4217-AAEA-1C659E8FBE12}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Administrators - Succeeded

pskelley
2006-08-06, 01:05
Good job with the Look2me fix. This item:
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
For your information, Viewpoint is installed by AOL, probably without your knowledge. I suggest you use Add/Remove Programs to uninstall it. Read about it here:
http://www.clickz.com/news/article.php/3561546
http://www.greatis.com/appdata/u/v/viewmgr.exe.htm
http://www.spywareinfo.com/newsletter/archives/2005/nov4.php#viewpoint

Thanks to Metallica and any others who helped with this fix. It is important that you read the directions and follow them carefully. You may want to print them.

1. Please download Ewido Anti-Malware (http://www.ewido.net/en/download/)
Install ewido anti-malware
Launch ewido, there should be an icon on your desktop, double-click it.
The program will now open to the main screen.
When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.

You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update.
Then click on Start Update.

The update will start and a progress bar will show the updates being installed.
(the status bar at the bottom will display "Update successful")
Exit Ewido, do not run the scan yet!
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates (http://download.ewido.net/ewido-signatures-full-current.exe)

2. Please download Brute Force Uninstaller (http://www.merijn.org/files/bfu.zip) to your desktop.
Right click the BFU folder on your desktop, and choose Extract All
Click "Next"
In the box to choose where to extract the files to,
Click "Browse"
Click on the + sign next to "My Computer"
Click on "Local Disk (C:)" or whatever your primary drive is
Click "Make New Folder"
Type in BFU
Click "Next", and Uncheck the "Show Extracted Files" box and then click "Finish".
3. RIGHT-CLICK HERE (http://metallica.geekstogo.com/alcanshorty.bfu) and choose "Save As" (in IE it's "Save Target As") in order to download Alcra PLUS Remover.
Save it in the same folder you made earlier (c:\BFU).

Do not do anything with these yet!

Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping F8 until a menu appears. Highlight Safe Mode and hit enter.

4. Once in Safe Mode, Open Ewido:
Click on scanner
Click on Complete System Scan and the scan will begin.
You will be prompted to clean the first infection.
Select "Perform action on all infections", then proceed.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido anti-malware.

5. Then, please go to Start > My Computer and navigate to the C:\BFU folder.
Start the Brute Force Uninstaller by double-clicking BFU.exe
Behind the "Scriptline to execute" field, click the folder icon (http://metallica.geekstogo.com/foldericon.png) and select alcanshorty.bfu
Press Execute and let the program do its job. (You ought to see a progress bar if you did this correctly.)
Wait for the complete script execution box to pop up and press OK.
Press exit to terminate the BFU program.
Reboot into normal Windows and post the contents of the Ewido text report that you saved and a new HijackThis log.

There will be more to do...thanks

mayor west
2006-08-06, 05:20
hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 11:14:45 PM, on 8/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\BacsTray.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Common Files\{40358F4B-05DA-1033-0426-041120030001}\Update.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\unzipped\imhider\IMHider.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Me\Start Menu\Programs\Startup\Adobe Gamma Loader.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [bacstray] BacsTray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Sonic RecordNow!] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [IMHider] C:\unzipped\imhider\IMHider
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: Aurigma Image Uploader 2.0 - http://www.photogize.com/PhotogizeImageUploader.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150406032541
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D0B5B58D-8CB9-4EDB-8BB0-9D34AEF727CF} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Fasmtt35w - Anti-Malware Development a.s. - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lixmtamansb - Lexmark International, Inc. - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

mayor west
2006-08-06, 05:23
ewido

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:08:12 PM 8/5/2006

+ Scan result:



C:\Documents and Settings\Me\Local Settings\Temp\temp.frA2D7 -> Adware.AdURL : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temporary Internet Files\Content.IE5\A9KPW16D\AppWrap[1].exe -> Adware.AdURL : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temporary Internet Files\Content.IE5\IFIP2PS7\AppWrap[1].exe -> Adware.AdURL : Cleaned with backup (quarantined).
C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned with backup (quarantined).
HKLM\SOFTWARE\AutoLoader -> Adware.Apropos : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temp\temp.fr314A -> Adware.CommAd : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temp\temp.frDD38 -> Adware.CommAd : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051135.exe -> Adware.CommAd : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051137.dll -> Adware.CommAd : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temp\temp.fr4DF6 -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051116.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP364\A0051166.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051198.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051211.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051274.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051275.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051276.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051277.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051278.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051279.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
HKLM\SOFTWARE\VGroup -> Adware.SAHA : Cleaned with backup (quarantined).
HKLM\SOFTWARE\VGroup\SAHPopup -> Adware.SAHA : Cleaned with backup (quarantined).
C:\Downloads\Civ3-dm[1].exe -> Adware.Trymedia : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\winlog.exe -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temporary Internet Files\Content.IE5\I58L4ZEB\loader[1].exe -> Downloader.Adload.di : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temporary Internet Files\Content.IE5\I58L4ZEB\loader[6].exe -> Downloader.Adload.di : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP362\A0050723.exe -> Downloader.Adload.di : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temporary Internet Files\Content.IE5\W9ABCD2R\nwnmff_7[1].exe -> Downloader.Adload.dj : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051235.exe -> Downloader.Adload.dj : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temporary Internet Files\Content.IE5\I58L4ZEB\kybrdff_7[1].exe -> Downloader.Adload.dl : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051234.exe -> Downloader.Adload.dl : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temp\dr6aeiw2.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP362\A0050696.exe -> Downloader.VB.wj : Cleaned with backup (quarantined).
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\GDIJKLMN\popup[1].htm -> Hijacker.Agent.a : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Local Settings\Temporary Internet Files\Content.IE5\A9KPW16D\dfndrff_7[1].exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051233.exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-2133b899-462cd6bb.class -> Not-A-Virus.Exploit.ByteVerify : Ignored.
C:\Documents and Settings\Me\Local Settings\Temp\temp.frD2B3 -> Not-A-Virus.Monitor.Win32.NetMon.a : Ignored.
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP363\A0051136.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Ignored.
:mozilla.100:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.101:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.102:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.103:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.104:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.105:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.120:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.121:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.123:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.124:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.125:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.126:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.127:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.128:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.129:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.130:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.131:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.132:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.133:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.134:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.135:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.136:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.137:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.138:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.139:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.140:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.141:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.142:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.143:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.144:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.396:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.603:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.631:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.657:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.808:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.826:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.888:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.95:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.96:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.97:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.98:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.99:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\WINDOWS\Temp\Cookies\me@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.336:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.545:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.

mayor west
2006-08-06, 05:23
:mozilla.421:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned.
:mozilla.291:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.292:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.293:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.294:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.295:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.296:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.598:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.430:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.431:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
:mozilla.941:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.942:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.239:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.240:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.241:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.242:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.243:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.244:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Me\Local Settings\Temp\Cookies\me@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\WINDOWS\Temp\Cookies\me@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.174:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Me\Cookies\me@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Me\Local Settings\Temp\Cookies\me@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.823:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.842:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.275:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.276:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.277:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.278:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned.
:mozilla.328:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.329:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.330:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.53:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.54:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.55:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.56:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.57:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.58:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.59:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.60:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\WINDOWS\Temp\Cookies\me@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.475:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.476:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.876:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.877:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.32:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.33:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.34:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.35:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.36:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Me\Cookies\me@com[1].txt -> TrackingCookie.Com : Cleaned.
:mozilla.420:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.622:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.28:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\WINDOWS\Temp\Cookies\me@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.164:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.165:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.166:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Me\Cookies\me@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Me\Local Settings\Temp\Cookies\me@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.853:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.854:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.855:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.320:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.323:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.326:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.327:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\WINDOWS\Temp\Cookies\me@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.287:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.288:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.289:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.290:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.146:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned.
:mozilla.184:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.488:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.271:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.272:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.273:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.792:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.793:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.794:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.830:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.831:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.832:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.834:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.866:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.890:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.804:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
C:\WINDOWS\Temp\Cookies\me@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.474:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.24:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.25:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\WINDOWS\Temp\Cookies\me@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.801:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.802:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.231:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.232:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.632:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.633:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.634:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.635:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.636:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.809:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.810:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.299:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.300:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.301:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.302:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.18:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.19:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.22:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.23:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
C:\WINDOWS\Temp\Cookies\me@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.546:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.308:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.309:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.310:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.311:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.312:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.313:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.

mayor west
2006-08-06, 05:24
:mozilla.314:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.315:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.316:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.317:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.318:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.319:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.616:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.617:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.618:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.619:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.620:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.870:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
C:\Documents and Settings\Me\Cookies\me@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.803:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.208:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.211:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.212:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.213:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.214:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.215:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.216:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.217:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.218:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.219:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.220:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.221:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.222:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.223:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.224:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.225:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\WINDOWS\Temp\Cookies\me@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.255:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.256:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.257:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.331:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.68:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.69:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.778:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.779:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.780:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.781:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.782:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.783:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.784:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.785:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.786:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.653:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.198:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.199:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.200:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.201:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.776:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.777:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.897:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.898:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.899:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.185:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.812:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\WINDOWS\Temp\Cookies\me@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.470:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.471:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.378:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.379:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.380:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.381:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.382:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.383:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.384:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.385:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.386:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Me\Cookies\me@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Me\Local Settings\Temp\Cookies\me@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\WINDOWS\Temp\Cookies\me@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.79:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.

mayor west
2006-08-06, 05:25
:mozilla.81:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.82:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.83:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.84:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.85:C:\Documents and Settings\Me\Application Data\Mozilla\Firefox\Profiles\0hg0w725.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\WINDOWS\Temp\Cookies\me@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\I386\REG.EXE -> Worm.Randon : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\!!!>>PSP>> Goku Makaimura JAP a.K.a Ghosts'N Goblins shared by Langer <<PSP<<.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\3D Backgammon.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Ace of Base - discografia [Mp3-vbr - Tntvillage.org].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Advanced search.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Air America Radio - The Al Franken Show 073106 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Air America Radio - The Majority Report 073106 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Air America Radio - The Rachel Maddow Show 073106 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Air America Radio - The Randi Rhodes Show 073106 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Air America Radio - The Thom Hartmann Program 072806 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Air America Radio - The Thom Hartmann Program 073106 [mp3].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Alcohol 120 1 9 5 4327 Incl Activator.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Alcohol 120% 1.9.5.4327 Retail With "NEW" Full Activation Crack.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Alex Jones 31st of July 2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Anal Cavity Search 2 - Angelina Crow.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Anime Wallpaper.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Armenia Maps History.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Avril Lavigne Wallpapers 2006.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\BRANDNEW+WEBSEEDThe Ant Bully SFCLONE-PLEX.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Boxing Roy Jones Jr vs Prince Badi MAIN EVENT PPV XviD-aAF.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Browse categories.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Clerks 2 2006 TS SVCD-HafVCD.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Clerks 2 2006 TS XviD-LRC(gallies net).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Combating Spyware in the Enterprise.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Copy To & Move To.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Copyright policy.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\DJ Drama & Lil Wayne - Young Money Vol 1.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Dane Cooks Tourgasm S01E08 HDTV XviD-SAiNTS [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Eset NOD32 v2.51.30 including NOD32.FiX.v2.1-nsane.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Formula 1 2007 installer update exe.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Gratis extra TV zenders Kijken op je pc (sport, movie, erotiek, muziek,enz.).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Hans Zimmer - Tears Of The Sun 192.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Hells Kitchen S02E08 4 Chefs PDTV XviD-FQM [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Honey & Clover II - 05 [Solar-IDE][48ED4C88] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\IRC chat.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\ISRAELIS vs ARABS(WHO ARE THE REAL TERRORISTS )By Hal Turner -Demonoid com-.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\John B - Electrostep (2006).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Kamisama Kazoku-09[Kamisabu!] mkv.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Katie Holmes Wallpapers [1600x1200] 400pics @deviloid.net.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Kyle XY S01E06 DSR XviD-ORENJi [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\LEGO Mindstorms Masterpieces Building and Programming Advanced Robots.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Lynda com - Search Engine Optimization.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Math Wonders to Inspire Teachers and Students.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Mininova Trackmania Nations Server.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Minoriteam S01E20 DSR XviD-THOR [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Modern Macroeconomics - Its Origins, Development And Current State.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\My Super Ex-Girlfriend 2006 Cam VCD-XanaX.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Norton 2006 Antivirus keygen UPDATED by TsRH zip.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Ozzy Osbourne - The Ozzman Cometh - Greatest Hits.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\P Diddy Ft Nicole Scherzinger-Come To Me-(Promo CDM)-2006-RAGEMP3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\PSP Game Neopets English ISO521MB ByCombateMortal rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Penis Enlargement Guide with Pictures.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Pirates of the Caribbean Dead Man's Chest (2006) OBSESSiON Telesync KVCD By BluX (TUS Release).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Poker Superstars S03E21 XviD-LionsDen [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Poseidon[2006]DvDrip AC3[Eng]-aXXo.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Privacy policy.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Sam Cooke- Portrait of a Legend(withcovers) a DHZ Inc Release(MISSING TRACKS ).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Saved 1x08 (HDTV-LOL)[VTV].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Saxondale S01E07 WS PDTV XviD-RiVER [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Search Cloud.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\September 11th - Body of Evidence.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Show all of today →.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Social Engineering Ebook Collection (CFR, Bilderberger, Federal Reserve).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Sony PSP Wallpapers Collection (August 2006).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Stardock WindowBlinds (Golden Enhanced Edition) v5 02 rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\TV Shows.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Tabloid Wars S01E02 DSR XviD-ORENJi [eztv].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\The Ant Bully CAM 2006 Jek-31-07-06-pass.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\The Closer 2x08 (HDTV-LOL)[VTV].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\The Crystal Method - Drive Nike + Original Run (2006).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\The Daily Show - 2006.07.31 - Will Ferrell (TVRip.SoS).zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\The Remaker [DvDRip] [WwW LiMiTeDiVx CoM] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\The Road to Reality A Complete Guide to the Laws of the Universe.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Top 69 Books.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Ultimate Avengers 2 - Rise of the Panther (2006) - MPEG-4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Ultimate Steam Cracker v3 ALL GAMES(1) rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Upload a torrent.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\VA - Sexy Dance - The Ultimate House Tracks.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\VA-MOS-Hed Kandi-the Mix-Summer 2006-3CD-2006-HLSMP3.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Virtual Dj - [www dadotorrents com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\WWE Divas 2006 Lingerie Special.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\Windows TinyXP Vista Edition.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\World War II Combat Iwo Jima [PCCD][English][www newpct com].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[A-Keep & AH] Beet Excellion 01 [13C130AD] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[A-Keep & AH] Beet Excellion 02 [316FC1D7] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[A-Keep & AH] Beet Excellion 03 [929BF038] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[ADC-Elites] One Piece 273 [8BD870B0] avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[Koga] Innocent Venus 01 [VOSTFR].zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[Kuroneko] Zero No Tsukaima 04 HQ h264[31DAD78C] mkv.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[Megami] Zegapain - 15 [C36604F3] mp4.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[PSP] Lumines [EUR][CSO][www ESPALPSP com] rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[PSP] Quiz Kidou Senshi Gundam Monsenshi DX [JAP][CSO][www espalpsp com] rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[PSP]Ultimate Ghosts'n Goblins [JAP][FULL] [www ESPALPSP com] rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\[ayyo] Utawarerumono - 18 avi.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\avatars rar.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\l'equipe du 01 08 2006 pdf.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Documents and Settings\Me\Complete\wallpapers-Pictures Pack.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Program Files\outlook\v.tmp -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP362\A0050726.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP365\A0051395.exe -> Worm.VB.dw : Cleaned with backup (quarantined).


::Report end

thanks so much for your help so far

sorry i had to split it up but there are text limits on each post

pskelley
2006-08-06, 14:23
Thanks for returning the information, you can see ewido did a great job removing some really nasty stuff. It also removed a lot of junk cookies, here is information about how to stop storing those junk cookies if you wish.
http://www.mvps.org/winhelp2002/cookies.htm
http://www.microsoft.com/windows/ie/using/howto/privacy/config.mspx
http://privacy.getnetwise.org/browsing/tools/firefox1/ffdisablecookies
http://www.mozilla.org/projects/security/pki/psm/help_21/using_priv_help.html

This: C:\Program Files\Common Files\{40358F4B-05DA-1033-0426-041120030001}\Update.exe is probably bad and is an installer. I prefer to be positive before removing it. Use one or more of these free online scans and share the information with me.
If you find this one is bad, delete it. You may have to do that in safe mode. You can try stopping the process in task manager first in normal mode.
http://virusscan.jotti.org/
http://www.kaspersky.com/scanforvirus
http://www.virustotal.com/flash/index_en.html

This: C:\unzipped\imhider\IMHider.exe is probably good, let me know that you know it is there.

C:\Program Files\Java\jre1.5.0_03 <<< out of date, see this information: http://forums.spybot.info/showpost.php?p=12880&postcount=2
Update the programs and keep it that way, if no one is going to check it manually, then turn on the autoupdates.

SpyNoMore <<< did you install this program? It is not on the rogue list: http://www.spywarewarrior.com/rogue_anti-spyware.htm and if you installed it, that is fine.

No information on these two, can you provide assurance they are valid programs?
O23 - Service: Fasmtt35w - Anti-Malware Development a.s. - (no file)
O23 - Service: Lixmtamansb - Lexmark International, Inc. - (no file)
The second has a valid name but these hackers use what they want. These may already be disabled?

The fix by Metallica did a great job for you, let's answer the questions posted above and all going well, get you on your way with some good security advice.
Post a last HJT log.

Thanks...Phil

mayor west
2006-08-07, 03:20
RE: C:\Program Files\Common Files\{40358F4B-05DA-1033-0426-041120030001}\Update.exe

http://www.kaspersky.com/scanforvirus found it clean

all antivirus searches on http://www.virustotal.com/flash/index_en.html found it clean

http://virusscan.jotti.org/ was continually too busy to try scanning on it

RE: C:\unzipped\imhider\IMHider.exe

yea IM hider is a program i put there and it's fine

RE: C:\Program Files\Java\jre1.5.0_03

i followed instructions on the page you linked to

RE: spynomore was a little thing i downloaded that did a free scan of my pc

RE: lexmark int'l (O23 - Service: Lixmtamansb - Lexmark International, Inc.)

my old printer was a lexmark, must be something to do with that

RE: O23 - Service: Fasmtt35w - Anti-Malware Development a.s.

i'm not sure about this one, i don't recall downloading anything by this name

hijack this log

Logfile of HijackThis v1.99.1
Scan saved at 9:20:03 PM, on 8/6/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\system32\BacsTray.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\unzipped\imhider\IMHider.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Documents and Settings\Me\Start Menu\Programs\Startup\Adobe Gamma Loader.exe
C:\Program Files\Messenger\msmsgs.exe
C:\unzipped\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell4me.com/myway
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [bacstray] BacsTray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [Sonic RecordNow!] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [IMHider] C:\unzipped\imhider\IMHider
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O16 - DPF: Aurigma Image Uploader 2.0 - http://www.photogize.com/PhotogizeImageUploader.cab
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1150406032541
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D0B5B58D-8CB9-4EDB-8BB0-9D34AEF727CF} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Fasmtt35w - Anti-Malware Development a.s. - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lixmtamansb - Lexmark International, Inc. - (no file)
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

thanks again

pskelley
2006-08-07, 03:34
Sounds good to me. If you don't use those two services (O23), why not disable them? Then if you have a problem with the one you do not know, you can enable it again.
Click Start > Run and type services.msc
Scroll down to the service in question and right click on it.
Click Properties and under Service Status click Stop, then under Startup Type change it to Disabled.

Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

ewido is a great program but it does use some resources. Once the trial is over you can update and use the scanner for as long as you wish, but unless you purchase it you should turn it off completely so it does not run unless you start it manually.

System Restore does not know the good files from the bad. In case bad stuff has gotten into your System Restore files, follow the instructions in this link to get clean System Restore files. Turn it off, reboot then turn it back on:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?Open&src=sec_doc_nam

Safe surfing...tashi:) will close your topic in a day or so.

Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.
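
The O23 check discussed in the posts above (service entries that HijackThis prints with "(no file)"), as an added example that is not part of the original thread. It parses the O23 lines, lists the services with no file on disk, and shows which file-backed services in the same log carry the same vendor string; the sample lines are copied from the log posted above, and the function names are illustrative.

```python
import re
from collections import namedtuple

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of HijackThis v1.99.1
O4 - HKLM\..\Run: [SNM] C:\Program Files\SpyNoMore\SNM.exe /startup
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Fasmtt35w - Anti-Malware Development a.s. - (no file)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Lixmtamansb - Lexmark International, Inc. - (no file)
"""

# An entry line is "<section code> - <body>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Markers HijackThis prints when the target file is not on disk.
MISSING_RE = re.compile(r"\((no file|file missing)\)")

Service = namedtuple("Service", "name vendor image has_file")


def entries(log_text):
    """Yield (section_code, body) for every HijackThis entry line."""
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            yield match.group(1), match.group(2)


def missing_targets(log_text):
    """Entries from any section whose target file is flagged as absent."""
    return [(code, body) for code, body in entries(log_text)
            if MISSING_RE.search(body)]


def services(log_text):
    """Parse O23 lines into Service records (name, vendor, image path)."""
    parsed = []
    for code, body in entries(log_text):
        if code != "O23" or not body.startswith("Service: "):
            continue
        # Split from the right: the display name may itself contain " - ".
        parts = body[len("Service: "):].rsplit(" - ", 2)
        if len(parts) != 3:
            continue  # truncated or malformed line, leave for manual review
        name, vendor, image = (part.strip() for part in parts)
        parsed.append(Service(name, vendor, image,
                              MISSING_RE.search(image) is None))
    return parsed


def orphaned_services(log_text):
    """O23 services registered without a file on disk."""
    return [svc for svc in services(log_text) if not svc.has_file]


def review_orphans(log_text):
    """For each orphaned service, list file-backed services with the same
    vendor string. A match is context for the reviewer, not proof that the
    orphan belongs to that vendor."""
    all_services = services(log_text)
    report = []
    for orphan in (s for s in all_services if not s.has_file):
        same_vendor = [s.name for s in all_services
                       if s.has_file and s.vendor == orphan.vendor]
        report.append((orphan.name, orphan.vendor, same_vendor))
    return report


if __name__ == "__main__":
    for name, vendor, backed in review_orphans(SAMPLE_LOG):
        print(f"{name}: vendor '{vendor}', no file on disk; "
              f"file-backed services with same vendor: {backed or 'none'}")
```
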

mayor west
2006-08-07, 05:50
thanks so much!
I'll definitely be more careful from now on!

tashi
2006-08-11, 07:21
Cheers,
As the problem appears to be resolved this topic has been archived.

If you need it re-opened please send me or your helper a private message (pm) and provide a link to the thread.

Applies only to the original topic starter.