Command Adware Removal...



Kspice
2006-12-05, 21:43
Here is my log from hijackthis.exe. May someone please check to see if everything is ok? Your friend, K to the Spice.

Logfile of HijackThis v1.99.1
Scan saved at 2:26:46 PM, on 12/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\{847C147D-0722-1033-0707-050311190001}\Update.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\kspice\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aimhome.netscape.com/aimhome.adp
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_7
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = Z:\Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://Z:\Office\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - AppInit_DLLs:
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

pskelley
2006-12-06, 02:21
Welcome to the forum, please review and follow the instructions in this link: "BEFORE you POST" -Preliminary Steps and scanning with SPYBOT-S&D
http://forums.spybot.info/showthread.php?t=288
Post the results of the antivirus scan as requested and complete all other instructions.
_________________________________________


Thanks to sUBs and anyone who helped with this fix.

1. Download ComboFix.exe using either of these links:

* bleepingcomputer.com
http://download.bleepingcomputer.com/sUBs/combofix.exe
* techsupportforum.com
http://www.techsupportforum.com/sectools/combofix.exe
2. Double click on combofix.exe & follow the prompts.

3. When finished, it shall produce a log for you. Post that log & a fresh HJT log in your next reply.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
If the log is large, you might need to post half in one reply, half in another.

Thanks

Kspice
2006-12-07, 21:27
Ok, here is my Combofix and Hijackthis info

kspice - 06-12-07 14:14:55.64 Service Pack 2
ComboFix 06.11.27W - Running from: "C:\Program Files\Mozilla Firefox"

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Documents and Settings\LocalService\Application Data\NetMon
C:\Program Files\Common Files\{347C147D-0722-1033-0707-050311190001}
C:\Program Files\Common Files\{847C147D-0722-1033-0707-050311190001}

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Folders Quarantined:

C:\QooBox\Purity\Documents and Settings\kspice\Application Data\SMBOLS~1


((((((((((((((((((((((((((((((( Files Created from 2006-11-07 to 2006-12-07 ))))))))))))))))))))))))))))))))))


2006-12-07 01:21 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2006-12-07 01:20 <DIR> d-------- C:\Program Files\MSXML 4.0
2006-12-05 23:47 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2006-12-05 23:46 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2006-12-05 12:12 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-12-05 12:08 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-12-05 12:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-12-01 18:54 <DIR> d-------- C:\Program Files\Steam
2006-11-30 17:12 2 --a------ C:\WINDOWS\system32\winttr.exe
2006-11-30 16:40 <DIR> d--hs---- C:\WINDOWS\S3VydA
2006-11-12 14:15 <DIR> d-------- C:\Program Files\Vapour 2.0 Beta


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-12-07 14:16 -------- d-------- C:\Program Files\Common Files
2006-12-07 14:13 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-07 09:45 -------- d-------- C:\Documents and Settings\kspice\Application Data\AdobeUM
2006-12-07 01:21 -------- d-------- C:\Program Files\Windows Media Player
2006-12-07 01:21 -------- d-------- C:\Program Files\Messenger
2006-12-07 01:18 -------- d-------- C:\Program Files\Outlook Express
2006-12-07 01:18 -------- d-------- C:\Program Files\Internet Explorer
2006-12-07 01:18 -------- d-------- C:\Program Files\Common Files\System
2006-12-05 12:30 -------- d-------- C:\Program Files\WinZip
2006-12-05 12:30 -------- d-------- C:\Program Files\WinRAR
2006-12-05 12:30 -------- d-------- C:\Program Files\Winamp
2006-12-05 12:28 -------- d-------- C:\Program Files\palmOne
2006-12-05 12:25 -------- d-------- C:\Program Files\Google
2006-12-05 12:24 -------- d-------- C:\Program Files\AIM
2006-12-05 12:16 -------- d-------- C:\Program Files\QuickTime
2006-12-05 12:16 -------- d-------- C:\Program Files\iTunes
2006-12-05 10:43 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-30 14:12 -------- d---s---- C:\Documents and Settings\kspice\Application Data\Microsoft
2006-11-26 22:12 -------- d-------- C:\Documents and Settings\kspice\Application Data\dvdcss
2006-11-26 22:10 -------- d-------- C:\Program Files\ImTOO
2006-11-10 00:42 -------- d-------- C:\Program Files\Quicken
2006-11-08 17:28 26624 --a------ C:\Documents and Settings\kspice\Application Data\GDIPFONTCACHEV1.DAT
2006-10-22 23:23 -------- d-------- C:\Program Files\AWS
2006-10-22 23:23 -------- d-------- C:\Program Files\AOD
2006-10-22 23:23 -------- d-------- C:\Documents and Settings\kspice\Application Data\Aim
2006-10-20 21:28 -------- d-------- C:\Program Files\Valve
2006-10-13 06:35 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2006-10-13 06:35 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2006-10-13 06:35 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-13 04:23 163584 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2006-09-12 23:01 1084416 --a------ C:\WINDOWS\system32\msxml3.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"CTHelper"="CTHELPER.EXE"
"Logitech Utility"="Logi_MwX.Exe"
@=""
"SoundMan"="SOUNDMAN.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
00,00,01,00,00,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Completion time: 06-12-07 14:16:34.82
C:\ComboFix.txt ... 06-12-07 14:16


Logfile of HijackThis v1.99.1
Scan saved at 2:27:18 PM, on 12/7/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kspice\Desktop\hijackthis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = Z:\Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://Z:\Office\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - AppInit_DLLs:
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
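
Comparing the two HijackThis logs above against ComboFix's "Other Deletions" list, as an added example that is not part of the original posts or of either tool. The log excerpts are shortened from the logs posted in this thread, and the function names (`parse_hjt`, `diff_logs`, `under_deleted_dir`) are this example's own.

```python
import re
from collections import Counter

# HijackThis entry lines look like "O4 - HKLM\..\Run: [Name] file.exe".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")

def parse_hjt(text):
    """Return (running-process Counter, {entry key: original line})."""
    processes, entries = Counter(), {}
    in_processes = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            in_processes = False          # a blank line ends the process list
            continue
        if line.lower().startswith("running processes"):
            in_processes = True
            continue
        m = ENTRY_RE.match(line)
        if m:
            in_processes = False
            # Windows paths are case-insensitive, so compare lowercased.
            entries[(m.group(1), m.group(2).lower())] = line
        elif in_processes:
            processes[line.lower()] += 1  # svchost.exe is listed several times
    return processes, entries

def diff_logs(before, after):
    """Summarise what changed between two HijackThis logs."""
    p0, e0 = parse_hjt(before)
    p1, e1 = parse_hjt(after)
    return {
        "processes_gone": sorted((p0 - p1).elements()),
        "processes_new": sorted((p1 - p0).elements()),
        "entries_gone": sorted(e0[k] for k in e0.keys() - e1.keys()),
        "entries_new": sorted(e1[k] for k in e1.keys() - e0.keys()),
        "entries_kept": sorted(e1[k] for k in e0.keys() & e1.keys()),
    }

def under_deleted_dir(path, deleted_dirs):
    """True if path lies inside one of the folders the cleanup tool deleted."""
    p = path.lower()
    return any(p.startswith(d.lower().rstrip("\\") + "\\") for d in deleted_dirs)

# Shortened excerpts of the 12/5 and 12/7 logs posted in this thread.
BEFORE = r"""
Logfile of HijackThis v1.99.1
Scan saved at 2:26:46 PM, on 12/5/2006

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\{847C147D-0722-1033-0707-050311190001}\Update.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\WinRAR\WinRAR.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://aimhome.netscape.com/aimhome.adp
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_7
O4 - Startup: PowerReg Scheduler.exe
O20 - AppInit_DLLs:
"""

AFTER = r"""
Logfile of HijackThis v1.99.1
Scan saved at 2:27:18 PM, on 12/7/2006

Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE

O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: PowerReg Scheduler.exe
O20 - AppInit_DLLs:
"""

# Folders listed under "Other Deletions" in the ComboFix log above.
DELETED_DIRS = [
    r"C:\Documents and Settings\LocalService\Application Data\NetMon",
    r"C:\Program Files\Common Files\{347C147D-0722-1033-0707-050311190001}",
    r"C:\Program Files\Common Files\{847C147D-0722-1033-0707-050311190001}",
]

if __name__ == "__main__":
    d = diff_logs(BEFORE, AFTER)
    for path in d["processes_gone"]:
        # A process that vanished without a matching deletion was simply
        # not running at the second scan (msiexec, WinRAR).
        why = "folder deleted" if under_deleted_dir(path, DELETED_DIRS) else "not running"
        print(f"gone ({why}): {path}")
    for line in d["entries_gone"]:
        print("entry gone:", line)
    for line in d["entries_kept"]:
        print("entry still present:", line)
```
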

pskelley
2006-12-08, 00:11
You must read and follow the instructions:

Post the results of the antivirus scan as requested and complete all other instructions.
I request an antivirus scan and don't see it??

Your Java program is out of date and a security risk, see this:
http://forums.spybot.info/showpost.php?p=12880&postcount=2
C:\Program Files\Java\jre1.5.0_06\ <<< out of date, uninstall all old versions in Add Remove programs and download the newest.

1) Please download ATF Cleaner by Atribune
http://www.atribune.org/content/view/25/2/
Save it to your Desktop. We will use this later.

2) This looks like it may be bad: C:\WINDOWS\system32\winttr.exe
Scan it here: http://virusscan.jotti.org/
If it is bad, navigate to it and delete it.

3) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:

O4 - Startup: PowerReg Scheduler.exe
O20 - AppInit_DLLs:

Close all programs but HJT and all browser windows, then click on "Fix Checked"

4) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.

5) Follow the directions in this link:
http://forums.security-central.us/showthread.php?t=3165

Restart the computer and post the results of the antivirus scan as requested, the scan results from AVG Anti-Spyware and a new HJT log. Let me know how the computer is running.

Thanks

Kspice
2006-12-11, 18:12
Sorry for my ignorance. Where is AVG anti-spyware?

Adware:adware/mediatickets Not disinfected c:\windows\system32\winttr.exe
Adware:Adware/CommAd Not disinfected C:\WINDOWS\S3VydA\asappsrv.dll
Adware:Adware/CommAd Not disinfected C:\WINDOWS\S3VydA\command.exe
Adware:Adware/CommAd Not disinfected C:\WINDOWS\S3VydA\mapVxE.vbs

Kspice
2006-12-11, 18:13

Kspice
2006-12-11, 18:14

Kspice
2006-12-11, 18:15

Kspice
2006-12-11, 18:15
Possible Virus. Not disinfected F:\WINDOWS\system32\jesterss.dll

Kspice
2006-12-11, 18:16
Logfile of HijackThis v1.99.1
Scan saved at 9:59:32 PM, on 12/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\kspice\Desktop\hijackthis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = Z:\Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://Z:\Office\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

pskelley
2006-12-11, 19:23
Click on the link I provided to open it:

5) Follow the directions in this link:
http://forums.security-central.us/showthread.php?t=3165
Then click on the word HERE

Download AVG Anti-Spyware from HERE and save that file to your
desktop.

Click on that word HERE for the link: http://www.ewido.net/en/

Once you have run that scan (do not post the cookies again, I already saw them once, edit them out) then reboot the computer so the changes can take effect, THEN post another HJT log.

Thanks

Kspice
2006-12-12, 18:26
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033399.vbs -> Trojan.Small : Ignored.
C:\WINDOWS\S3VydA\mapVxE.vbs -> Trojan.Small : Ignored.
C:\WINDOWS\system32\winttr.exe -> Trojan.Small : Ignored.

Kspice
2006-12-12, 18:38
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033399.vbs -> Trojan.Small : Ignored.
C:\WINDOWS\S3VydA\mapVxE.vbs -> Trojan.Small : Ignored.

When I used virus scan on these two, a few programs said it was spyware. So I went to Start:Run and then AVG Anti-Spyware said these could be malicious programs, so it disinfected them.

C:\WINDOWS\system32\winttr.exe -> Trojan.Small : Ignored.

Anti Virus found nothing on this one so I left it alone.

Kspice
2006-12-12, 19:28
F:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033342.exe -> Adware.ClickSpring : Ignored.
C:\WINDOWS\S3VydA\asappsrv.dll -> Adware.CommAd : Ignored.
C:\WINDOWS\S3VydA\command.exe -> Adware.CommAd : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP287\A0031715.exe -> Adware.Maxifiles : Ignored.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP291\A0033304.dll -> Adware.PurityScan : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP287\A0031712.dll -> Adware.Softomate : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP290\A0033003.dll -> Adware.TargetServer : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033359.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033360.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033361.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033362.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033363.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033365.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033366.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033367.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033368.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033369.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033370.exe -> Downloader.Agent.awf : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP290\A0033288.exe -> Downloader.PurityScan.dr : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP287\A0031716.dll -> Downloader.Small.ece : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP290\A0033002.exe -> Downloader.TSUpdate.f : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP290\A0033001.exe -> Downloader.TSUpdate.l : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP290\A0032999.exe -> Downloader.TSUpdate.n : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP290\A0033000.exe -> Downloader.TSUpdate.r : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP291\A0033307.exe -> Dropper.Small : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP295\A0035190.dll -> Logger.Delf.mk : Ignored.
F:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream.a : Ignored.
C:\System Volume Information\_restore{9E79FF6D-54C3-44DE-94D3-787004125B2E}\RP292\A0033400.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Ignored.

pskelley
2006-12-12, 21:46
Would you please read the instructions again for running AVG Anti-Spyware, and delete the junk it locates.

http://forums.security-central.us/showthread.php?t=3165
Instructions in this link.

Do this in the exact order I am posting it please.

1) MANUAL INSTRUCTIONS FOR SYSTEM RESTORE
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

2) Follow the instructions in this link to start your computer in Safe Mode.
http://www.bleepingcomputer.com/tutorials/tutorial61.html

3) Once in Safe Mode, run AVG Anti-Spyware and follow the directions to delete or at least quarantine anything it locates.

4) Restart the computer back to Normal Mode.

5) Post the scan results from the AVG Anti-Spyware and a new HJT log.
Thanks
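
The order of the steps above can be checked against the scan output: on Windows XP, turning System Restore off deletes the existing restore points, so detections under `System Volume Information\_restore{...}` go away with step 1, while detections in live paths still need the Safe Mode scan. As an added example (not part of the original thread or of any tool named in it), this Python sketch triages report lines in the `path -> name : action.` format posted above and drops the cookie entries before posting; the sample report, its paths and detection names are constructed, and treating `Ignored` as "still unresolved" is an assumption based on the two action values seen in this thread.

```python
import re
from collections import Counter
from typing import NamedTuple


class Finding(NamedTuple):
    path: str
    name: str
    action: str
    kind: str  # "cookie", "restore_point" or "live_file"


# One result line: <path> -> <detection name> : <action>.
# Firefox cookie entries carry a ":mozilla.<n>:" prefix before the path.
LINE_RE = re.compile(
    r"^(?::mozilla\.\d+:)?(?P<path>.+?) -> (?P<name>\S+) : (?P<action>[^.]+)\.\s*$"
)
RESTORE_MARK = "\\system volume information\\_restore{"


def classify(path, name):
    """Sort a detection into the three groups that matter for cleanup order."""
    if name.startswith("TrackingCookie."):
        return "cookie"            # low-value noise, edit out before posting
    if RESTORE_MARK in path.lower():
        return "restore_point"     # purged when System Restore is turned off
    return "live_file"             # must be cleaned or quarantined by the scanner


def parse_report(text):
    """Return a Finding for every result line; headers and blanks are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            findings.append(Finding(m["path"], m["name"], m["action"].strip(),
                                    classify(m["path"], m["name"])))
    return findings


def unresolved_live(findings):
    """Live files the scanner reported but did not act on (assumed: 'Ignored')."""
    return [f for f in findings
            if f.kind == "live_file" and f.action.lower() == "ignored"]


def count_by_kind(findings):
    return Counter(f.kind for f in findings)


def redact_cookies(text):
    """Drop cookie result lines, keep everything else; return (text, removed)."""
    kept, removed = [], 0
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m and classify(m["path"], m["name"]) == "cookie":
            removed += 1
        else:
            kept.append(line)
    return "\n".join(kept), removed


# Constructed sample in the same layout as the reports in this thread.
SAMPLE_REPORT = r"""
+ Scan result:
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP001\A0000001.exe -> Downloader.Example.a : Ignored.
C:\System Volume Information\_restore{00000000-0000-0000-0000-000000000000}\RP001\A0000002.dll -> Adware.Example : Ignored.
C:\WINDOWS\example-dir\sample.exe -> Adware.Example : Ignored.
C:\Program Files\ExampleApp\helper.dll -> Adware.Example : Cleaned.
:mozilla.101:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\example.default\cookies.txt -> TrackingCookie.Example : Cleaned.
:mozilla.102:C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\example.default\cookies.txt -> TrackingCookie.Example : Cleaned.
::Report end
"""

if __name__ == "__main__":
    found = parse_report(SAMPLE_REPORT)
    print(dict(count_by_kind(found)))
    for f in unresolved_live(found):
        print("still present:", f.path, "->", f.name)
    cleaned_text, dropped = redact_cookies(SAMPLE_REPORT)
    print(f"{dropped} cookie lines removed before posting")
```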

Kspice
2006-12-13, 19:44
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 11:32:12 AM 12/13/2006

+ Scan result:



C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Cleaned.
F:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Cleaned.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned.
F:\Program Files\DIGStream\digstream.exe -> Not-A-Virus.Downloader.Win32.DigStream.a : Cleaned.


::Report end

Kspice
2006-12-13, 19:45
Logfile of HijackThis v1.99.1
Scan saved at 12:44:06 PM, on 12/13/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\CTHELPER.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\kspice\Desktop\hijackthis\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = Z:\Office\Office10\OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = C:\Program Files\VIA\RAID\raid_tool.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://Z:\Office\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1165946152656
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

pskelley
2006-12-13, 20:27
Thanks, that looks like a clean AVG Anti-Spyware report and a clean HJT log. How's the computer running now?

AVG Anti-Spyware is a good program but it does use some resources. Once the trial is over you can update and use the scanner for as long as you wish, but unless you purchase it you should turn it off completely so it does not run unless you start it manually.

Here is some great information from Tony Klein, Texruss, ChrisRLG and Grinler to help you stay clean and safe online:
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml

Safe surfing and a Merry Christmas to you.

http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.

Kspice
2006-12-15, 04:36
Thank you very, very, very much pskelley for your help and incredible patients!
And I hope you as well have a merry Christmas!

Kspice
2006-12-15, 04:38
oops, that's patience*
and the computer is running excellent! Thanks again!

pskelley
2006-12-16, 22:10
As the problem appears to be resolved this topic has been closed.

If you need it re-opened please send me or a forum staff member a private message (pm) and provide a link to the thread; this applies only to the original topic starter.

Anyone else with similar problems please start a new topic.